Tech Support Guy banner
  • IMPORTANT: Only authorized members may reply to threads in this forum due to the complexity of the malware removal process. Authorized members include Malware Specialists and Trainees, Administrators, Moderators, and Trusted Advisors. Regular members are not permitted to reply, and any such posts will be deleted without notice or further explanation. Notice
Status
Not open for further replies.
1 - 2 of 2 Posts

·
Registered
Joined
·
173 Posts
Discussion Starter · #1 ·
OK, so a scan revealed that my computer is infected with coolwwwsearch.cameup. The scan also identified this with it:
(SBI $4A5E11C5) INTERFACE
KEY_CASES_ROOT\Interface\{95B92D92-8B7D-4A19-A3FI-43113BFDBCAS}

I downloaded HijackThis to great a log to show with this message, but I received this message when I did the scan:

For some reason your system denied write access to the Hosts file. If any hijacked domains are in this file HijackThis may NOT be able to fix this.

If that happens, you need to edit the file yourself. To do this, click Start, Run and type:

notepad C:\Windows\System32\drivers\etc\hosts

and press Enter. Find the line(s) HijackThis reports and delete them. Save the file as 'hosts' (with quotes) and reboot.

So I went to Start, but there was no Run (Windows 7). I typed in the string in the box for search programs and files, but the desired info did not emerge.

Can someone walk me through what I need to do?

Thanks.
 

·
Registered
Joined
·
173 Posts
Discussion Starter · #2 ·
Spybot has identified this as the offending registry key:

HKEY_CLASSES_ROOT\Interface\{95B92D92-8B7D-4A19-A3F1-43113B4DBCAF}

Can anyone tell me if it is safe for me to just delete this key?
 
1 - 2 of 2 Posts
Status
Not open for further replies.
Top